Skip to content

Commit

Permalink
remove scan info from update check (#1033)
Browse files Browse the repository at this point in the history
* removed scan info from github update check
* added build-debug pipeline job
  • Loading branch information
epi052 authored Nov 25, 2023
1 parent d805e46 commit a714825
Show file tree
Hide file tree
Showing 3 changed files with 71 additions and 11 deletions.
29 changes: 29 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,35 @@ jobs:
name: ${{ matrix.name }}.tar.gz
path: ${{ matrix.name }}.tar.gz

build-debug:
env:
IN_PIPELINE: true
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Install System Dependencies
run: |
env
sudo apt-get update
sudo apt-get install -y --no-install-recommends libssl-dev pkg-config
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
target: x86_64-unknown-linux-musl
override: true
- uses: actions-rs/cargo@v1
env:
PKG_CONFIG_PATH: /usr/lib/x86_64-linux-gnu/pkgconfig
OPENSSL_DIR: /usr/lib/ssl
with:
use-cross: true
command: build
args: --target=x86_64-unknown-linux-musl
- uses: actions/upload-artifact@v2
with:
name: x86_64-linux-debug-feroxbuster
path: target/x86_64-unknown-linux-musl/debug/feroxbuster

# build-deb:
# needs: [build-nix]
# runs-on: ubuntu-latest
Expand Down
33 changes: 31 additions & 2 deletions src/banner/container.rs
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
use super::entry::BannerEntry;
use crate::{
client,
config::Configuration,
event_handlers::Handles,
utils::{logged_request, parse_url_with_raw_path, status_colorizer},
utils::{make_request, parse_url_with_raw_path, status_colorizer},
DEFAULT_IGNORED_EXTENSIONS, DEFAULT_METHOD, DEFAULT_STATUS_CODES, VERSION,
};
use anyhow::{bail, Result};
use console::{style, Emoji};
use serde_json::Value;
use std::collections::HashMap;
use std::{io::Write, sync::Arc};

/// Url used to query github's api; specifically used to look for the latest tagged release name
Expand Down Expand Up @@ -498,7 +500,34 @@ by Ben "epi" Risher {} ver: {}"#,

let api_url = parse_url_with_raw_path(url)?;

let result = logged_request(&api_url, DEFAULT_METHOD, None, handles.clone()).await?;
// we don't want to leak sensitive header info / include auth headers
// with the github api request, so we'll build a client specifically
// for this task. thanks to @stuhlmann for the suggestion!
let client = client::initialize(
handles.config.timeout,
"feroxbuster-update-check",
handles.config.redirects,
handles.config.insecure,
&HashMap::new(),
Some(&handles.config.proxy),
&handles.config.server_certs,
Some(&handles.config.client_cert),
Some(&handles.config.client_key),
)?;
let level = handles.config.output_level;
let tx_stats = handles.stats.tx.clone();

let result = make_request(
&client,
&api_url,
DEFAULT_METHOD,
None,
level,
&handles.config,
tx_stats,
)
.await?;

let body = result.text().await?;

let json_response: Value = serde_json::from_str(&body)?;
Expand Down
20 changes: 11 additions & 9 deletions src/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -67,17 +67,19 @@ where
}

if let (Some(cert_path), Some(key_path)) = (client_cert, client_key) {
let cert = std::fs::read(cert_path)?;
let key = std::fs::read(key_path)?;
if !cert_path.is_empty() && !key_path.is_empty() {
let cert = std::fs::read(cert_path)?;
let key = std::fs::read(key_path)?;

let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
format!(
"either {} or {} are invalid; expecting PEM encoded certificate and key",
cert_path, key_path
)
})?;
let identity = reqwest::Identity::from_pkcs8_pem(&cert, &key).with_context(|| {
format!(
"either {} or {} are invalid; expecting PEM encoded certificate and key",
cert_path, key_path
)
})?;

client = client.identity(identity);
client = client.identity(identity);
}
}

Ok(client.build()?)
Expand Down

0 comments on commit a714825

Please sign in to comment.